From 8b59a2a2914d7ac0b9f318e6d3208e31fa9dd88e Mon Sep 17 00:00:00 2001 From: Saturnino Abril Date: Tue, 14 Mar 2017 04:40:32 +0900 Subject: APIv4: GET /files/{file_id}/preview (#5568) patch 1 --- api4/file.go | 33 +++++++++++++++++++++++++++++++++ api4/file_test.go | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 85 insertions(+) (limited to 'api4') diff --git a/api4/file.go b/api4/file.go index 566878156..fa414faa3 100644 --- a/api4/file.go +++ b/api4/file.go @@ -25,6 +25,7 @@ func InitFile() { BaseRoutes.File.Handle("", ApiSessionRequired(getFile)).Methods("GET") BaseRoutes.File.Handle("/thumbnail", ApiSessionRequired(getFileThumbnail)).Methods("GET") BaseRoutes.File.Handle("/link", ApiSessionRequired(getFileLink)).Methods("GET") + BaseRoutes.File.Handle("/preview", ApiSessionRequired(getFilePreview)).Methods("GET") } @@ -161,6 +162,38 @@ func getFileLink(c *Context, w http.ResponseWriter, r *http.Request) { w.Write([]byte(model.MapToJson(resp))) } +func getFilePreview(c *Context, w http.ResponseWriter, r *http.Request) { + c.RequireFileId() + if c.Err != nil { + return + } + + info, err := app.GetFileInfo(c.Params.FileId) + if err != nil { + c.Err = err + return + } + + if info.CreatorId != c.Session.UserId && !app.SessionHasPermissionToChannelByPost(c.Session, info.PostId, model.PERMISSION_READ_CHANNEL) { + c.SetPermissionError(model.PERMISSION_READ_CHANNEL) + return + } + + if info.PreviewPath == "" { + c.Err = model.NewLocAppError("getFilePreview", "api.file.get_file_preview.no_preview.app_error", nil, "file_id="+info.Id) + c.Err.StatusCode = http.StatusBadRequest + return + } + + if data, err := app.ReadFile(info.PreviewPath); err != nil { + c.Err = err + c.Err.StatusCode = http.StatusNotFound + } else if err := writeFileResponse(info.Name, info.MimeType, data, w, r); err != nil { + c.Err = err + return + } +} + func writeFileResponse(filename string, contentType string, bytes []byte, w http.ResponseWriter, r *http.Request) *model.AppError { w.Header().Set("Cache-Control", "max-age=2592000, public") w.Header().Set("Content-Length", strconv.Itoa(len(bytes))) diff --git a/api4/file_test.go b/api4/file_test.go index d6de56b7d..be4f4a59c 100644 --- a/api4/file_test.go +++ b/api4/file_test.go @@ -277,3 +277,55 @@ func TestGetFileLink(t *testing.T) { cleanupTestFile(result.Data.(*model.FileInfo)) } } + +func TestGetFilePreview(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer TearDown() + Client := th.Client + channel := th.BasicChannel + + if utils.Cfg.FileSettings.DriverName == "" { + t.Skip("skipping because no file driver is enabled") + } + + fileId := "" + var sent []byte + var err error + if sent, err = readTestFile("test.png"); err != nil { + t.Fatal(err) + } else { + fileResp, resp := Client.UploadFile(sent, channel.Id, "test.png") + CheckNoError(t, resp) + + fileId = fileResp.FileInfos[0].Id + } + + // Wait a bit for files to ready + time.Sleep(2 * time.Second) + + data, resp := Client.GetFilePreview(fileId) + CheckNoError(t, resp) + + if data == nil || len(data) == 0 { + t.Fatal("should not be empty") + } + + _, resp = Client.GetFilePreview("junk") + CheckBadRequestStatus(t, resp) + + _, resp = Client.GetFilePreview(model.NewId()) + CheckNotFoundStatus(t, resp) + + Client.Logout() + _, resp = Client.GetFilePreview(fileId) + CheckUnauthorizedStatus(t, resp) + + otherUser := th.CreateUser() + Client.Login(otherUser.Email, otherUser.Password) + _, resp = Client.GetFilePreview(fileId) + CheckForbiddenStatus(t, resp) + + Client.Logout() + _, resp = th.SystemAdminClient.GetFilePreview(fileId) + CheckNoError(t, resp) +} -- cgit v1.2.3-1-g7c22